hello, I've downloaded a trojan on ubuntu 12.04 and accessed its shell from backtrack using metasploit. The thing is that all the alerts received from snort were about BAD-TRAFFIC loopback traffic and nothing more.Is there something wrong with my configuration? shouldn't snort detect this kind of exploits?Is there any additional predefined rules for snort IPS that drop packets ?
would appreciate any kind of help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140421/b928d680/attachment.html>